/w00tw00t.at.ISC.SANS.DFind
Hi,
I couldn't run our web portal, so when I checked the error logs of apache2..i got these errors: Code:
[Thu Jul 09 23:43:19 2009] [error] [client 211.95.78.79] File does not exist: /home/www/cgi-bin And what does this mean:? client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) Thanks for any help. |
Search for /w00tw00t.at.ISC.SANS.DFind on the web. With the fact that your portal no longer works, I think your box is under attack and they might have succeeded (but I'm not sure about the latter).
|
Quote:
Should I reformat my web portal? (that should be my last resort) |
DFind (http://isc.sans.org/diary.html?storyid=900) appears to be a vulnerability scanner for mcrsft wndws. What you could do is fill in your distribution details in your control panel (so any advice may be better suitable for the distro you run), mention if the machine is remote hosted or not, post the software+versions that make up your "web portal" and see if you can run commands from this checklist: http://web.archive.org/web/200801092...checklist.html. The error lines you have posted do not explain why your web portal won't run. Best list processes, open files, network connections and users, then shut those services down or firewall them while you work things out.
|
Moved: This thread is more suitable in <Linux-Security> and has been moved accordingly to help your thread/question get the exposure it deserves.
|
All times are GMT -5. The time now is 10:25 PM. |